So then the issue is with the certificate itself and the validation chain. If you trust the certificate, instead of configuring those properties you could just install the certificate in the trust store of your JVM. This way you just tell Java you trust it and avoid having to configure jclouds to "globally" trust any SSL certificate.
I. On 17 April 2018 at 09:21, Pratheesh <[email protected]> wrote: > Hi Ignasi, > > > > I am using - 1.8.0_51 > > I already put these properties(enabled PROPERTY_TRUST_ALL_CERTS to true) > and working. > > > > Regards > > Pratheesh > > > > *From:* Ignasi Barrera [mailto:[email protected]] > *Sent:* Tuesday, April 17, 2018 12:11 PM > > *To:* [email protected] > *Subject:* Re: Upgrading to TLSv1.2 in Jcloud... > > > > I'd say the config is OK (without having seen the implementation of your > TLSOkHttpClientSupplier). > > > > The error you get is a common error when the certificate is not trusted. > Could that be possible? Which concrete version of Java 8 are you using? > > > > Just to discard a certificate trust issue, could you try setting the > following properties? > > > > Properties overrides = new Properties(); > > overrides.put(Constants.PROPERTY_TRUST_ALL_CERTS, "true"); > > overrides.put(Constants.PROPERTY_RELAX_HOSTNAME, "true"); > > > > Then pass these override properties to the ContextBuilder. > > > > > > I. > > > > On 16 April 2018 at 13:11, Pratheesh <[email protected]> wrote: > > I will try.. > > I am using JDK 8 > > > > Regards > > Pratheesh > > > > *From:* Andrea Turli (apache.org) [mailto:[email protected]] > *Sent:* Friday, April 13, 2018 9:03 PM > > > *To:* [email protected] > *Subject:* Re: Upgrading to TLSv1.2 in Jcloud... > > > > I think you may want to extend SoftLayerHttpApiModule to configure ` > OkHttpClientSupplier` similarly to [1] which uses [2] and inject it in > your BlobStoreContext > > [1]: https://github.com/jclouds/jclouds/blob/master/ > apis/docker/src/main/java/org/jclouds/docker/config/ > DockerHttpApiModule.java#L44 > > [2]: https://github.com/jclouds/jclouds/blob/master/ > apis/docker/src/main/java/org/jclouds/docker/config/ > DockerOkHttpClientSupplier.java > > I couldn't test the solution but I'd start from there > > > > Please let us know, as eventually we may need to improve softlayer to > support natively TLSv1.2 > > > > BTW, which java version are you using? > > > > Andrea > > > > On Fri, Apr 13, 2018 at 4:03 PM Pratheesh <[email protected]> > wrote: > > Hi Andrea, > > > > Please let me know any location or sample URL that I can see a sample. > > > > However I already tried with following sample code.. > > > > System.setProperty("https.protocols", "TLSv1.2"); > > System.setProperty("jdk.tls.client.protocols", > "TLSv1,TLSv1.1,TLSv1.2"); > > Module tlsModule = new AbstractModule() { > > @Override > > protected void configure() { > > bind(OkHttpClientSupplier.class).to( > TLSOkHttpClientSupplier.class); > > } > > }; > > Iterable<Module> modules1 = ImmutableSet.of(tlsModule, new > OkHttpCommandExecutorServiceModule()); > > BlobStoreContext context = ContextBuilder.newBuilder("swift") > > .modules(modules1) > > .endpoint("https://tok02.objectstorage.softlayer.net/auth/ > ") > > .credentials("userId", "pwd") > > .buildView(BlobStoreContext.class); > > > > > > This gives me following error: > > > > Exception in thread "main" org.jclouds.http.HttpResponseException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target connecting to GET > https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1 > > at org.jclouds.http.internal. > BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService > .java:117) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:57) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:491) > > at com.google.inject.internal.DelegatingInvocationHandler. > invoke(DelegatingInvocationHandler.java:37) > > at com.sun.proxy.$Proxy47.invoke(Unknown Source) > > …. > > …. > > Exception in thread "main" org.jclouds.http.HttpResponseException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to > find valid certification path to requested target connecting to GET > https://tok02.objectstorage.softlayer.net/auth/v1.0 HTTP/1.1 > > at org.jclouds.http.internal. > BaseHttpCommandExecutorService.invoke(BaseHttpCommandExecutorService > .java:117) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:57) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:491) > > at com.google.inject.internal.DelegatingInvocationHandler. > invoke(DelegatingInvocationHandler.java:37) > > at com.sun.proxy.$Proxy47.invoke(Unknown Source) > > … > > > > Caused by: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target > > at sun.security.provider.certpath.SunCertPathBuilder. > build(SunCertPathBuilder.java:144) > > at sun.security.provider.certpath.SunCertPathBuilder. > engineBuild(SunCertPathBuilder.java:130) > > at java.security.cert.CertPathBuilder.build( > CertPathBuilder.java:280) > > at sun.security.validator.PKIXValidator.doBuild( > PKIXValidator.java:382) > > > > *From:* Andrea Turli [mailto:[email protected]] > *Sent:* Friday, April 13, 2018 6:27 PM > *To:* [email protected] > *Subject:* Re: Upgrading to TLSv1.2 in Jcloud... > > > > Hi, > > > > Pretty sure that jclouds can support your scenario by injecting > OkHttpClientDriver in the context. > > See Docker provider for an example > > > > HTH, > > Andrea > > > > Il ven 13 apr 2018, 14:41 Pratheesh <[email protected]> ha > scritto: > > We are using JClouds 1.9.1 to upload files to Softlayer. Recently > softlayer upgraded to TLSv1.2. So our existing code is failing. > > > > What we have to change in Jclouds to support TLSv1.2, so that it can > upload files to Softlayer. > > > > Regards > > Pratheesh > > >
